September 7, 2022Coercer - A Python Script To Automatically Coerce A Windows Server To Authenticate On An Arbitrary Machine Through 9 Methods

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods. FeaturesAutomatically detects open SMB pipes on the remote...

by KitPloit in Automatic, Coerce, Coercer, NTLM, Privilege Escalation, WebDAV, Windows
September 6, 2022noPac - Exploiting CVE-2021-42278 And CVE-2021-42287 To Impersonate DA From Standard Domain User

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-2021-42278 + CVE-2021-42287 chainpositional arguments: [domain/]username[:password]...

by KitPloit in noPac, SMB, SPN, Username
September 5, 2022Aura - Python Source Code Auditing And Static Analysis On A Large Scale

Source code auditing and static code analysis Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and...

by KitPloit in Security Audit, Taint Analysis, Typosquatting, vulnerabilities, Vulnerable, Yara
September 4, 2022BeatRev - POC For Frustrating/Defeating Malware Analysts

BeatRev Version 2Disclaimer/LiabilityThe work that follows is a POC to enable malware to "key" itself to a particular victim in order to frustrate efforts of malware analysts.I assume no responsibility...

by KitPloit in BeatRev, Reverse Engineer, Reverse Engineering, Reversing, Sandbox, Taken, Threat, Whitelisting
September 3, 2022ApacheTomcatScanner - A Python Script To Scan For Apache Tomcat Server Vulnerabilities

A python script to scan for Apache Tomcat server vulnerabilities. FeaturesMultithreaded workers to search for Apache tomcat servers.Multiple target source possible: Retrieving list of computers from...

by KitPloit in ApacheTomcatScanner, multithreaded, Tomcat, Username, Windows
September 2, 2022Aced - Tool to parse and resolve a single targeted Active Directory principal's DACL

Aced is a tool to parse and resolve a single targeted Active Directory principal's DACL. Aced will identify interesting inbound access allowed privileges against the targeted account, resolve the SIDS...

by KitPloit in Aced, Kerberos, LDAP, Logging, Privilege Escalation, Python3, SMB
September 1, 2022Autodeauth - A Tool Built To Automatically Deauth Local Networks

A tool built to automatically deauth local networks Tested on Raspberry Pi OS and Kali Linux Setup $ chmod +x setup.sh$...

by KitPloit in Autodeauth, Deauth, Deauthentication Attack, Networking, Python
August 31, 2022Awesome-Password-Cracking - A Curated List Of Awesome Tools, Research, Papers And Other Projects Related To Password Cracking And Password Security

A curated list of awesome tools, research, papers and other projects related to password cracking and password security. Read the guidelines before contributing! In short: ...

by KitPloit in Awesome List, Awesome-Password-Cracking, Hash Cracking, Password Safety, Wordlist Processing
August 30, 2022Masky - Python Library With CLI Allowing To Remotely Dump Domain User Credentials Via An ADCS Without Dumping The LSASS Process Memory

Masky is a python library providing an alternative way to remotely dump domain users' credentials thanks to an ADCS. A command line tool has been built on top...

by KitPloit in Masky, Pypi, Python, Python Library, Python3, Redteam, Vulnerability, Windows
August 29, 2022Erlik - Vulnerable Soap Service

Erlik - Vulnerable Soap Service Tested - Kali 2022.1 Description It is a vulnerable SOAP web service. It is a lab environment created for people...

by KitPloit in Erlik, Soap Python, Vulnerable Soap Server, Vulnerable Soap Service, Vulnerable Soap Service
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques